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INTRODUCTION 

The  Environmental  Visualization  (EVIS)  project  is  a  collaborative  effort  among  the 
Naval  Research  Laboratory,  the  Naval  Undersea  Warfare  Center,  and  the  Applied 
Physics  Laboratory,  University  of  Washington.  The  EVIS  team,  a  multidisciplinary 
group  of  physical  scientists,  computer  scientists,  and  human  factors  psychologists,  is 
tailoring  the  weather  and  oceanographic  information  provided  to  military  personnel.  The 
participation  of  the  EVIS  team  in  the  Horizontal  Fusion  (HF)  program,  (sponsored  by  the 
Assistant  Secretary  of  Defense  for  Networks  and  Information  Integration),  has  resulted  in 
an  innovative  capability  that  provides  mission  critical  environmental  effects  products  via 
a  web  service  oriented  architecture.  Personnel  of  the  Multinational  Forces-Iraq  (MNF-I) 
are  testing  this  new  capability. 

The  EVIS  project  began  in  1997  as  an  Office  of  Naval  (ONR)  sponsored  basic  research 
project  that  focused  on  the  human  systems  component  of  the  U.S.  Navy  meteorology  and 
oceanography  (METOC)  community.  Researchers  investigated  the  weather  forecasting 
task  and  the  associated  processes  such  as:  gathering  the  necessary  METOC  data  and 
information  from  both  numerical  forecast  models  and  observations;  processing  that 
information;  forming  a  mental  model  of  the  weather;  and  providing  an  external 
explanation  of  the  weather  or  the  ocean’s  effect  on  a  warfighter’s  mission.  Based  on  this 
research,  an  applied  project  was  funded  by  the  ONR  Future  Naval  Capability  program  to 
help  solve  noted  problems  in  the  flow  of  information  from  the  source  to  the  end-user.  In 
2003,  the  EVIS  project  was  selected  for  inclusion  in  the  Horizontal  Fusion  (HF)  program. 
EVIS  was  tasked  with  developing  technology  to  provide  mission-critical  environmental 
information  to  the  HF  portfolio  members  and  end  users  within  a  secure  web  services 
architecture. 
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The  EVIS  capability  developed  for  HF  enables  an  authenticated  user  to  securely  access 
high-resolution  METOC  information  from  a  remote  server,  create  tailored  products  for 
mission  planning,  publish  the  specific  effects,  and  do  this  more  efficiently  than  is 
possible  with  the  currently  available  production  tools.  EVIS  provides  portal  and  other 
Java-based  access  mechanisms  to  METOC  data  sources  through  a  family  of  value-added 
web  services  that  were  developed  to  expose  and  process  data  for  METOC  impacts  related 
to  specific  military  mission  parameters.  Based  on  a  matrix  of  mission  effect  rules  that  can 
be  modified  by  the  user,  the  EVIS  Mission  Effects  Services  (EMES)  generates  mission 
impact  summaries  and  related  map  image  overlays  that  are  available  and  advertised 
throughout  the  networked  enterprise. 

HORIZONTAL  FUSION 

As  stated  on  the  Horizontal  Fusion  public  web  site,  this  program, 

“. .  .provides  a  foundation  for  effective  information  sharing  through  a  framework  of 
standards  for  interoperation.  Portfolio  management  helps  preserve  legacy  investments 
and  focuses  technology  effort  around  the  persistent  availability  of  information  rather  than 
the  perpetual  replacement  of  systems.  Time  frames  in  a  world  of  asymmetric  conflict  are 
far  too  short  to  allow  for  adaptation  or  replacement  of  systems.  The  benefits  of 
information  sharing  are  measurable: 

•  Fast  access  to  more  timely  and  accurate  data 

•  Lower  probability  of  decision-making  error  and,  worse,  operational  risk 

•  Lower  cost  to  use  military  force 

•  More  accurately  targeted  force/higher  probability  of  success 

•  Shorter  time  to  mission  goal;  lower  risk  to  U.S.  and  coalition  forces.” 

Service  Oriented  Architecture 

The  key  systems-related  decision  of  the  HF  program  was  to  connect  a  variety  of 
capabilities  via  a  Service  Oriented  Architecture  (SOA). 

One  way  to  describe  SOA  can  be  seen  in  figure  1,  commonly  called  the  “SOA  Triangle.” 
Service  consumers  locate  service  providers  by  means  of  a  registry  in  which  the  current 
providers’  services  are  listed.  Examples  of  simple  services  can  be  things  such  as 
receiving  a  map  of  a  location  or  an  updated  time  check. 
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Figure  1.  The  Service  Oriented  Architecture  triangle 

Figure  1  is  simple  in  principle,  but  there  are  many  pitfalls  in  its  implementation.  The 
overall  approach  may  be  described  as: 

•  Provider  creates  some  service  available  for  consumption 

•  Provider  creates  “registration  documents”  and  registers  these  with  some  “registry 
service” 

•  Consumers,  looking  for  that  particular  type  of  service,  locate  binding  information 
via  the  registry  service 

•  Consumers  then  bind  (based  on  the  indicated  protocol  in  the  registry  documents) 
with  the  producer,  and  consume  the  product  service 

It  must  be  realized  that  an  SOA  is  a  series  of  guidelines,  not  a  rigid  specification, 
although  general  principals  are  adhered  to  and  discussed  here.  The  architecture  may  be 
distributed  over  numerous  servers  running  anywhere  on  the  network  (in  the  case  of 
deployed  FIF  services,  on  the  DoD  SIPRNET).  Services  implemented  in  many  different 
languages  and  running  on  various  operating  systems  and  platforms  dictate  an 
implementation  neutral  specification.  Most  of  the  providers  break  down  their  overall 
service  definition  into  a  number  of  granular  services  for  re-composition  (building  new 
services)  and  reuse.  Because  components  are  very  loosely  coupled,  there  is  a  great  degree 
of  flexibility  in  how  services  are  combined  and  incorporated  at  a  later  time.  Lastly, 
services  are  registered  in  a  uniform  way,  so  they  may  be  discovered  by  potential  users  via 
the  registration  service. 

The  participants  involved  in  the  FIF  portfolio  offer  a  large  number  of  varied  services, 
ranging  from  real-time  streaming  video  (such  as  from  a  Predator  flying  over  Iraq),  to  a 
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Defense  Intelligence  Agency  (DIA)  database  of  “persons  of  interest”  and  their 
whereabouts,  to  natural  language  translation  services,  to,  in  the  case  of  EVIS,  METOC 
information  and  its  impact  on  various  types  of  military  missions.  As  more  and  more 
participants  become  involved,  it  seems  clear  that  the  benefits  of  an  SOA  will  validate  this 
choice  of  architecture.  Key  components  of  an  SOA  that  are  implemented  by  HF  are 
described  below. 

Registering  and  Discovering  Services 

The  primary  method  by  which  services  are  registered  and  discovered  (located)  in  an  SOA 
is  through  common  registries  based  on  the  Elniversal  Description,  Discovery,  and 
Integration  (UDDI)  specification.  UDDI  is,  in  effect,  like  a  phonebook  for  web  services; 
both  the  service  location  and  a  technical  description  of  the  service  offerings  are  available. 

The  UDDI  specification  relies  on  a  categorization  system  based  on  taxonomies.  Through 
the  use  of  taxonomies,  definitions,  relationships,  and  descriptions  of  business  entities  and 
their  locations,  service  binding  information  may  be  formally  expressed.  Over  the  last 
three  years  HF  data  providers  have  collaborated  on  new  discovery  taxonomy.  This 
taxonomy  was  provided  to  the  Assistant  Secretary  of  Defense  for  Networks  and 
Information  Integration  (ASD/NII)  Taxonomy  Focus  Group  and  has  since  become  part  of 
the  group’s  core  taxonomy.  In  time,  many  see  this  effort  evolving  into  the  core  DOD 
taxonomy  and  being  ubiquitous  on  the  Global  Information  Grid  (GIG).  Because 
“weather”  incorporates  many  diverse  intellectual  concepts  involving  the  physical  world, 
it  is  especially  difficult  to  derive  taxonomic  descriptions  that  capture  the  salient  points  of 
meteorological  phenomena  and  their  relationships  to  events.  A  major  focus  of  EVIS 
development  has  been  to  codify  weather  and  oceanography  and  their  relationship  to  and 
impact  on  missions  and  assets  within  the  military  domain;  this  effort  is  more  fully 
explained  in  the  section  on  EVIS  Rules. 

Federated  Search  -  Discovering  Content 

Another  method  of  discovering  services  and  their  content  has  been  implemented  in  HF 
through  a  next-generation  knowledge  discovery  framework  called  Federated  Search.  A 
virtual  information  space,  called  Collateral  Space  was  developed  for  the  HF  portfolio. 
Collateral  Space  contains  a  collection  of  specialized  data  search  engines;  data  and 
information  from  various  service  providers  have  been  registered  using  a  software 
construct  known  as  the  Registration  Web  Service  (RWS).  Complex  queries  may  be 
initiated  at  any  point  in  Collateral  Space,  and  results  are  obtained  by  software  called  the 
Search  Web  Service  (SWS). 

Query  initiation  takes  place  by  a  user  first  posing  a  natural  language  query  to  IFIS  (the 
Intelligent  Federated  Index  Search).  The  process  unfolds  as  follows:  (1)  IFIS  receives  a 
natural  language  query  and  normalizes  it  into  a  standard  formalization,  from  which  the 
semantics  of  common  terms  and  keywords  may  be  recognized.  (2)  IFIS  matches  these 
terms  with  information  provided  by  data  providers  who  have  registered  with  the 
Collateral  Space,  and  the  normalized  queries  are  then  forwarded  to  the  pertinent  data 
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providers  via  the  SWS;  (3)  data  providers  match  the  query  to  various  data  products  within 
their  domain  and  return  results  via  the  SWS;  (4)  the  IFIS  engine  conducts  initial  post 
processing;  and  (5)  a  ranked  list  of  the  query  results  is  presented  to  the  user.  A  detailed 
example  of  a  query  posed  for  environmental  mission  effects  products,  is  presented  later  in 
the  paper. 

Federated  Search  allows  users  to  search  through  Collateral  Space  data  that  is  both 
structured  and  non-structured,  and  multiple  searches  may  be  initiated  from  a  single  point. 
Since  only  the  data  providers  deemed  relevant  by  analysis  of  the  semantics  of  the  query 
respond,  much  of  the  sorting  and  correlation  that  would  be  necessary  by  a  user  using 
ordinary  search  engine  technology  (e.g.,  Google)  is  eliminated.  A  further  feature  of  IFIS 
allows  user  customization  of  query  normalization  routing  by  defining  a  search  profile  that 
may  incorporate  prior  knowledge.  Date  and  geospatial  constraints  can  also  be  put  into 
the  query;  a  user  can  ask  for  data  that  is  very  recent  or  that  is  relevant  to  a  specific 
geographical  area.  The  Federated  Search  process  supports  access  control  (discussed  in 
Security  in  the  following  paragraphs),  so  only  users  with  proper  security  credentials  (role, 
citizenship,  clearance)  may  obtain  results  at  various  security  classification  levels.  The 
returns  from  the  data  provider  include  a  relevance  score  that  can  be  displayed  and  used  to 
sort  results.  A  final  feature  of  the  IFIS  process  is  the  ability  to  deal  with  military 
acronyms  common  in  almost  all  military  queries.  IFIS  uses  an  elaborate  ontology  to  cast 
semantic  terms  to  and  from  a  common  lexicon. 

Security 

One  of  the  initial  goals  of  Horizontal  Fusion  was  to  develop  and  demonstrate  security 
capability  beyond  “system-high”  including  a  cross-domain  capability  using  COTS/GOTS 
software  and  hardware  rather  than  more  trusted  operating  systems.  The  goal  was  security 
controls  that  would  perform  authorization  and  authentication  of  all  users,  data  and 
services  within  the  execution  chain  (i.e.,  beginning  with  a  user  logon,  to  service  or 
content  discovery,  to  information  request,  to  final  delivery  of  a  data  product  to  the  user). 
To  achieve  this,  a  set  of  security  specifications  was  developed  which  detail  the  services  to 
be  invoked  and  to  what  extent  each  service  contributes  to  the  overall  security. 

Early  implementation  efforts  began  by  requiring  web  service  calls  to  be  made  using 
Hypertext  Transport  Protocol  Secure  (HTTPS)  and  extending  the  Lightweight  Directory 
Access  Protocol  (LDAP)  standard.  To  achieve  this,  the  Defense  Information  Services 
Agency’s  (DISA)  Global  Directory  Service  (GDS),  which  contains  information  about  all 
DoD  personnel  who  have  obtained  DoD  Public  Key  Infrastructure  (PKI)  Certificates,  was 
incorporated  as  the  core  schema  for  the  HF  LDAP.  Further  extensions  were  made  since 
DISA’s  GDS  did  not  support  all  features  needed  for  an  augmented  Discretionary  Access 
Control  (known  in  HF  as  DAC+)  such  as  user  authentication  and  clearance  capability. 

To  make  security  software  development  more  uniform  throughout  the  HF  program,  two 
security  software  development  kits  were  produced:  one  by  DIA  and  another  from  DISA’s 
Net-Centric  Enterprise  Services  (NCES)  group.  These  handlers  were  plugged  in  at 
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various  levels  in  the  service  chain  and  were  able  to  implement  most  of  the  call-outs  for 
security  adjudication. 

Security  adjudication  utilizes  several  services:  Certificate  Validation  Service  (CVS), 
Principal  Attribute  Service  (PAS),  Policy  Decision  Service  (PDS),  and  Classification 
Policy  Decision  Service  (cPDS).  The  security  handlers  managed  the  task  of  calling  CVS 
to  validate  the  PKI  certificate  of  the  user  and  calling  PDS  to  determine  the  role-based 
authorization  of  the  user  (i.e.,  whether  the  user  can  have  access  to  the  service  requested). 
PAS  is  utilized  to  retrieve  information  about  user  attributes  and  these  are  retrieved  by  the 
enterprise  LDAP. 

In  HF,  the  EVIS  application  gets  information  from  LDAP  through  a  convenience 
application  that  the  portal  supplies,  (i.e.,  an  RBACPortalBean).  Finally,  the  cPDS 
implements  decision  rules  for  security  access  policies  for  the  enterprise.  These  decision 
rules  check  the  validity  of  security  labels.  For  example,  the  rules  ask  if  a  specific 
combination  of  classification  level,  dissemination  control,  and  releasable  markings  is  a 
valid  classification.  The  cPDS  is  also  used  to  check  relationships  between  the 
classification  of  data  and  the  user’s  credentials  and  determine  whether  the  data  can  be 
released  to  the  user.  While  simple  to  state,  security  adjudication  is  extremely  complex 
given  the  various  levels  of  U.S.  and  foreign  security  classifications,  rules  for 
classification  aggregation,  and  rules  for  classification  dominance  of  a  widespread 
clientele  on  the  GIG. 

The  HF  program  has  been  successful  in  its  initial  implementation  of  attribute-based 
access  controls,  especially  Role-Based  Access  Control  (RBAC).  In  the  case  of  EVIS,  a 
user  with  the  credential  of  “user. analyst”  may  request  archived  effects  products. 

However,  a  “user,  analyst. weather”  credential  (that  of  a  trained  METOC  forecaster)  is 
necessary  for  the  analysis  and  production  of  content  describing  the  environmental 
impacts  on  mission  variables.  Obviously,  the  continual  success  of  this  approach  will 
depend  on  the  dynamic  updating  of  user  roles  as  personnel  shift  in  and  out  of  theater 
operations. 

THE  EVIS  INITIATIVE  IN  HF 
The  EVIS  Portlet 

Portals  and  Portlets 

A  web  portal  is  designed  to  provide  personalized  capabilities  to  its  users.  The  users  sign 
onto  the  portal  to  start  the  session  and  the  portal  decides  which  distributed  applications  to 
present  to  the  user  based  on  the  user’s  status  or  role  acquired  from  an  access  control 
service.  The  user  is  required  to  authenticate  only  once,  thus  giving  him  access  to  all 
allowable  applications  referred  to  as  single  sign-on. 

Although  early  web  portals  have  been  successful  on  a  hit  or  miss  basis  such  as  Yahoo!, 
Google,  AOL,  and  MSN,  the  industry  is  now  shifting  to  the  enterprise  web  portal,  or 
“enterprise  web.”  The  use  of  a  private  web  portal  to  unite  the  web  communications  and 
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shared  thinking  inside  a  large  corporation  has  begun  to  be  seen  by  many  as  both  a  labor- 
saving  and  money-saving  technology.  Some  corporate  analysts  have  predicted  that 
corporate  web  portal  spending  will  be  one  of  the  top  five  areas  for  growth  in  the  Internet 
technologies  sector  during  the  first  decade  of  the  2 1st  century. 

The  most  important  features  of  enterprise  portals  are: 

Single  touch  point  — the  delivery  mechanism  for  all  business  information  services. 

Personalization  — portal  members  subscribe  to  specific  types  of  content  and  services. 
Users  customize  the  look  and  feel  of  their  environment. 

Collaboration  —  portal  members  communicate  synchronously  (chat,  or  messaging)  or 
asynchronously  through  threaded  discussion  and  email  digests  (forums). 

Content  and  document  management  —  services  that  support  the  full  life  cycle  of 
document  creation  and  provide  mechanisms  for  authoring,  approval,  version  control, 
scheduled  publishing,  indexing,  and  searching. 

Integration  —  the  connection  of  functions  and  data  from  multiple  systems  into  new 
components  or  portlets. 

The  Implementation  of  a  Mission  Effects  Portlet 

The  EVIS  system  is  a  collaboration  between  a  data-facing  service  and  a  user-facing 
service.  The  EVIS  portlet  resides  as  a  subcomponent  in  the  larger  HF  MARS  portal.  The 
EVIS  portlet  provides  several  layers  of  capability  depending  on  the  user’s  role. 
Designated  weather  forecasters  (role:  user. analyst. weather)  have  access  to  the  full 
capability  to  make  mission  effects  products,  while  operational  users  or  analysts  (role: 
user. analyst)  have  the  ability  to  only  view  the  products  made  by  the  weather  forecasters. 

The  EVIS  portlet,  called  the  EVIS  Mission  Effects  System  (EMES),  is  a  decision  tool 
designed  to  aid  users  in  understanding  the  effect  of  the  environment  on  operational 
missions  and  is  developed  by  orchestrating  the  suite  of  EVIS  web  services.  The  EMES 
product  provides  both  an  overview  in  matrix  or  spreadsheet  format  of  the  environmental 
effects  on  a  particular  mission,  plus  a  visual  representation  of  the  environmental  effects 
over  a  geographic  area  of  interest  (AOI).  The  geographic  product  is  a  shaded  contour 
map  overlay  that  shows  a  yellow  shaded  area  where  the  selected  environmental  parameter 
could  cause  a  marginal  impact  on  military  operations,  and  a  red  shaded  area  where  the 
impact  is  expected  to  be  severe,  based  on  a  threshold  comparison  of  user-defined  limits 
and  numerical  model  analyses  and  forecasts.  A  color-coded  spreadsheet  or  matrix,  listing 
the  mission  parameters  and  the  environmental  impacts  for  each  forecast  time,  is  also 
generated.  Each  cell  in  the  matrix  is  hyperlinked  to  a  graphic  product  that  represents  the 
same  time  period  and  threshold  parameter.  Products  are  saved  on  the  EVIS  server  and 
accessed  via  the  EMES  Review  page(s). 
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Figure  2.  EVIS  Portlet  Workflow 


Figure  2  represents  a  user’s  workflow  (from  top  left  clockwise  around  to  bottom  left) 
when  generating  an  EVIS  Portlet  product.  Once  the  portlet  is  started,  the  Labels  page 
provides  user-definable  classification  and  dissemination  controls  for  the  final  product 
created  in  a  session. 

The  Model  Selection  page  returns  a  series  of  model  "thumbnails"  representing  various 
geographic  areas  where  environmental  numerical  model  information  of  interest  to  the 
EVIS  user  is  available.  Within  the  thumbnails  there  may  also  be  colored  rectangles 
representing  various  mesoscale  model  nests.  Please  see  Figure  3  for  a  larger  view. 

A  Model  Information  page  (not  shown)  provides  metadata  information  about  the 
parameters  contained  in  a  given  model.  This  page  is  available  for  each  model  in  the 
Model  Selection  page. 

The  Area  Selection  page  allows  users  to  specify  a  smaller  region  of  a  geographical  area 
than  the  model  provides  by  default.  This  is  useful  for  zooming  in  on  the  map  and 
generating  a  product  page  that  provides  information  about  a  specific  area. 

The  Route  Creation  page  allows  users  to  create  a  route  on  top  of  the  area  they  have 
selected.  A  route  is  defined  by  a  series  of  waypoints  that  are  connected  by  paths.  Each 
route  component  can  be  associated  with  individual  impact  thresholds.  Later,  when  the 
threshold  effects  are  returned,  the  results  will  correspond  only  to  the  route  elements  users 
have  added. 
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figure  3.  Example  of  EVIS  Portlet  model  selection. 

The  Basetime  (forecast  times)  and  TAU  page  (not  shown)  provides  users  the  opportunity 
to  select  one  base  time  (starting  point)  and  multiple  TAUs  (forecast  time  offsets)  for  a 
forecast.  Each  TAU  selected  will  produce  a  forecast  for  the  end  product. 

Through  the  Rule  Selection  page  (not  shown)  users  can  specify  multiple  rules  to  be 
displayed  in  the  final  product.  As  described  below,  the  RP-1  application  is  used  to 
provide  rule  services  for  EVIS.  Each  rule  requires  both  a  marginal  and  severe  value  in 
order  for  the  server  to  compute  effects  and  create  a  threshold  image.  The  final  product  is 
an  image  for  each  TAU  and  Rule  (TAU-Rule)  combination.  For  example,  if  three  TAUs 
are  selected  from  the  Basetime  &  TAUs  page  and  five  rules  are  selected  from  Rule 
Selection,  the  final  product  will  provide  a  total  of  15  cells,  with  each  valid  cell  containing 
a  link  to  the  associated  threshold  image. 

The  Product  Display  page  (not  shown)  presents  the  results  of  the  current  session  in  table 
format.  There  are  two  types  of  information  displayed  on  this  page.  The  first  type  is  user- 
selected  data.  This  page  displays:  who  the  user  is,  when  the  product  was  created,  what 
basetime  was  selected,  the  latitudes  and  longitudes  of  the  selected  geographic  area,  and  a 
map  of  the  selected  geographic  area. 

The  second  type  of  information  is  the  result  of  each  TAU-Rule  combination.  The  server 
applies  the  user-defined  marginal  and  severe  values  of  each  rule  to  each  TAU  and 
displays  a  table  summarizing  the  results.  Each  cell  in  the  table  displays  a  color 
representing  the  most  severe  state  in  each  TAU-Rule  combination:  Green  -  acceptable; 
Yellow  -  marginal;  Red  -  severe;  and  black  -  no  data  available  or  server  failed  on 
request.  If  a  route  was  created,  the  data  is  further  separated  with  each  route  element 
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having  its  own  table  with  its  own  rules  and  threshold  results.  If  no  route  was  requested, 
then  all  rules  will  be  in  a  single  table. 

The  Product  Detail  page  displays  the  geographic  map  area  for  the  selected  TAU-Rule  cell 
with  a  marginal  (yellow)  and  severe  (red)  threshold  color  overlay.  Please  see  Figure  4. 
This  combined  image  represents  where  the  parameter  is  forecast  to  exceed  the  values  in 
the  marginal  and  severe  fields  for  this  TAU-Rule  combination.  The  Confirmation  page 
confirms  that  the  product  resulting  from  the  current  session  has  been  saved  to  the  EVIS 
server,  and  will  be  available  in  the  REVIEW  EMES  PRODUCTS  portlet. 

Note  that  since  the  EVIS  Portlet  runs  inside  the  user’s  browser  there  is  no  additional 
software  required.  The  EVIS  Portlet  has  been  tested  in  many  browsers  including  Internet 
Explorer,  Mozilla,  Netscape,  Firefox,  Opera,  and  Safari.  The  most  recent  release  of  any 
browser  of  choice  is  recommended. 

The  EVIS  Portlet  demonstrates  one  orchestration  of  the  EVIS  back-end  web  services. 
Other  orchestrations  are  possible  and  this  powerful  construct  made  possible  using  web 
services  has  been  demonstrated  by  other  applications  that  have  utilized  the  EVIS  back 
end  services  and  integrated  components  into  their  feature  sets.  Similarly,  using  web 
services,  the  EVIS  Portlet  could  access  an  available  web  mapping  service  and 
demonstrate  cross-application  orchestration. 


ASSET  CONDENSED  IMPACT 

PARAMETER 

MARGINAL 

SEVERE 

Cloud  Ceiling  |  1200.0  -  3000.0  FT  |  <  1200.0  FT 

Back  to  Product  J  |  Save  Phoduct  to 


Figure  4.  Example  of  EVIS  Portlet  mission  effects  product. 

The  EVIS  Server 


The  core  data  engine  of  EMES  is  the  EVIS  web  server,  maintained  and  supported  at  the 
Fleet  Numerical  Meteorology  and  Oceanography  Center  (FNMOC).  The  EVIS  server 
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pulls  raw  environmental  data  from  multiple  data  sources,  performs  various  operations  on 
the  raw  data,  and  presents  actionable  information  via  re-usable  SOAP  web  services  to 
external  clients.  The  primary  client  application  is  the  EVIS  Portlet  described  above, 
running  in  the  HF  MARS  Portal,  which  allows  the  authenticated,  authorized  forecaster  in 
the  field  the  ability  to  create  and  store  mission-tailored  METOC  threshold  products  using 
EVIS  web  services.  The  mission  impact  products  are  available  to  warfighters  and 
decision  makers  both  through  the  EVIS  web  server  itself  and  through  the  EVIS  Federated 
Search  service,  and  are  consumed  by  the  Federated  Search  Portlet  and  the  National 
Geospatial  Intelligence  Agency  Services  (NGS)  Portlet.  NCES  Core  Security  Services 
ensure  that  the  correct  portal  member  has  access  to  what  it  should,  and  that  all 
communications  between  the  server  and  client  are  validated,  digitally  signed,  and 
authorized.  This  architecture  is  displayed  in  Figure  5. 


Figure  5.  The  systems  architecture  for  EVIS  as  deployed  in  Horizontal  Fusion. 

To  the  outside  world,  the  EVIS  server  provides  a  set  of  secure  web  services  that  allow 
clients  to  identify  the  METOC  information  available,  and  to  create,  store,  and  search 
mission-specific  threshold  products.  Internally,  the  EVIS  server  consumes  mission 
impact  rule  data,  raw  model  gridded  analysis  and  forecast  data,  SOAP  web  services,  and 
externally-created  METOC  products  to  fuel  its  analysis  and  respond  to  service  requests. 
Through  the  use  of  SOA  principles,  the  EVIS  server  is  able  to  support  ongoing  operations 
by  not  only  allowing  mission-tailored  METOC  threshold  products  to  be  created  and 
disseminated,  but  by  adapting  the  services  for  over-the-network  interface  with  established 
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warfighter  tools  and  processes.  These  server  capabilities  assist  in  the  search  and  retrieval 
of  warfighter  products  using  the  HF  Federated  Search  tool  (IFIS). 

Reusable  Services 

The  EVIS  web  services  were  designed  to  automate  the  laborious  and  error-prone  manual 
process  of  creating  mission-specific  METOC  threshold  spreadsheet  products  to  brief  the 
warfighter.  By  designing  the  services  as  machine-consumable  SOAP  web  services  with 
published  service  descriptions  and  XML  schemas,  multiple  client  types  can  consume  the 
web  services  and,  thereby,  deliver  additional  value  to  the  users  of  those  services.  The 
EVIS  reference  client  (EMES  -  EVIS  METOC  Effects  Service)  uses  the  services  to  walk 
a  forecaster  through  the  orchestrated  workflow  process  of  creating,  customizing,  and 
storing  a  set  of  overlays  showing  the  effects  of  weather  and  oceanography  on  an  area  for 
a  particular  set  of  mission  parameters.  As  an  example  of  the  power  and  flexibility  of  the 
SOA,  an  independent  mission  planning  application  named  REDS  (Real-Time  Execution 
Decision  Support)  used  several  EVIS  services  in  September,  2003  to  layer  METOC 
effects  into  its  mission  status  and  analysis  display  tool  for  a  Net-Centric  Capabilities  Pilot 
(NCCP)  Sea  Trial.  As  mentioned  above,  the  National  Geospatial  Intelligence  Agency 
(NGA)  developed  a  portlet  in  Horizontal  Fusion  that  consumes  the  EVIS  search  service 
and  displays  its  products  on  a  graphical  map  viewer  along  with  the  results  from  other 
content  providers. 

Each  EVIS  service  (Table  1)  is  protected  behind  DIA's  security  handler  that  implements 
the  NCES  Security  Services  specification  that  involves  the  Web  Service-Security  and 
Security  Assertion  Markup  Language  (SAML)  standards.  The  handler  ensures  that  each 
requestor's  clearance  and  citizenship  information  is  included  with  every  request,  in 
addition  to  the  message  classification  information.  EVIS  services  use  this  information  to 
limit  response  to  the  request  by  removing  any  inappropriate  material.  Furthermore,  as 
part  of  the  HF  security  requirements,  all  data  at  rest  on  the  EVIS  server  are  labeled  by 
digitally  assigning  the  files  with  their  classification  information.  Thus,  every  access  to 
this  secured  information  requires  clearance  and  citizenship  information  to  ensure  valid 
retrieval.  Also,  when  accessed,  the  data  are  checked  for  evidence  of  tampering. 


Table  1.  Available  EVIS  web  services  and  their  descriptions. 


Service 

Description 

Archives  ervice 

Archives  products  created  by  the  portlet  on  the  server  for  retrieval 
through  the  local  EVIS  review  web  interface 

PingService 

Checks  the  server  for  data  source  (TEDS)  availability. 

RulesService 

Returns  METOC  thresholds  /  rules,  usually  from  RP-1 

S  atellitelmag  eS  erv  ic  e 

Returns  available  satellite  image  URLs  for  configured  areas. 
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Service 

Description 

ThresholdAnalysisService 

Takes  an  area,  a  list  of  METOC  limits,  and  one  or  more  times, 
and  calculates  the  METOC  thresholds.  Threshold  images  that 
describe  “red”  (danger)  and  “yellow”  (caution)  impacts  are 
returned. 

ThumbnaillmageService 

Returns  detailed  information  for  each  requested  model  and 
returns  a  list  of  URLs  for  thumbnail  images. 

Thumbnails  ummary  S  erv  ic  e 

Returns  metadata  on  all  available  areas  where  METOC  model 
information  is  available. 

ZoomService 

Performs  a  zoom  of  a  given  location  and  returns  a  URL  pointing 
to  an  image  of  the  zoomed  area. 

SearchMessageReceiverService 

Searches  archived  products  for  the  given  criteria  and  returns 
matches  that  include  summaries  and  URLs  that  point  to  the 
product. 

Data  Source  Integration 

Since  EVIS  is  a  content  provider,  not  a  raw  data  source,  it  must  retrieve  METOC  model 
data,  validated  METOC  threshold  rules,  and  external  METOC  products  from  available 
sources  for  its  analysis  and  operation.  Each  data  source  accessed  uses  the  highest  level  of 
security  available,  ranging  from  a  simple  HTTPS  request  to  a  full  NCES  Security 
Services-protected  SOAP  call  that  passes  along  security  clearance  and  classification 
information.  This  integration  is  important  as  it  shows  that  EVIS  is  just  another  consumer 
of  services  in  the  Service  Oriented  Architecture,  aggregating  retrieved  information  to 
build  new  value-added  products  for  another  consumer. 

EVIS  leaves  the  collection  and  management  of  validated  METOC  thresholds  to  the 
Reference  Publication  1  (RP-l)  application.  RP-1  is  a  web-based  application  that  serves 
as  a  collection  and  authorization  point  for  METOC  threshold  information  and  it  includes 
processes  to  validate  and  organize  the  thresholds  by  tying  them  to  assets,  missions,  and 
METOC  parameters.  EVIS  retrieves  its  thresholds  from  the  RP- 1  SOAP  services  hosted 
at  FNMOC  and  allows  the  user  to  customize  rule  sets  by  linking  directly  to  the  RP- 1  web 
interface.  The  communication  between  EVIS  and  RP-1  utilizes  NCES  Security  Services. 

The  other  key  ingredient  for  the  generation  of  METOC  impact  products  is  the  raw  model 
analysis  and  forecast  gridded  data.  EVIS  utilizes  the  Tactical  Environmental  Data  Server 
(TEDS)  hosted  at  FNMOC  that  collects  and  distributes,  among  other  data  types,  model 
data  from  COAMPS®  (Coupled  Ocean/ Atmosphere  Mesoscale  Prediction  System)  and 
NOGAPS  (Navy  Operational  Global  Atmospheric  Prediction  System)  within  a  DOD 
standard  relational  database.  The  integration  of  additional  data  sources  for  EVIS  is 
currently  under  development.  These  new  data  sources  include  TEDServices  (also  known 


COAMPS  is  a  registered  trademark  of  the  Naval  Research  Laboratory. 
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as  Virtual  Natural  Environment  -  Net-Centric  Services:  VNE-NCS)  and  flat  file  output 
directly  (bypassing  the  database). 

Finally,  since  EVIS  is  one  of  several  existing  METOC  effects  products,  it  has  been 
adapted  to  retrieve  external  products  over  the  network  and  make  them  available  through 
the  HF  Federated  Search  service  along  with  the  portlet- created  products.  In  another 
example  of  the  extensibility  of  the  SOA,  EVIS  has  been  enhanced  to  include  a  process 
that  can  periodically  retrieve  web-accessible  metadata  files  describing  these  external 
products,  and  add  the  metadata  information  to  its  own  search  catalog.  EVIS  also  can  use 
generic  product  templates  stored  locally,  but  updated  periodically,  with  information 
gleaned  from  external  products  (such  as  valid  time).  Using  this  technique  trusted  off-site 
content  can  be  exposed  to  the  enterprise  using  the  Federated  Search  capability.  This  is  a 
powerful  method  to  interact  with  a  larger  user  community. 

Operational  Deployment 

The  EVIS  server,  as  a  Horizontal  Fusion  portfolio  member,  is  currently  deployed 
operationally  at  FNMOC,  Monterey,  CA  in  support  of  the  Multi-National  Forces  -  Iraq 
(MNF-I),  with  the  software  maintained  and  the  configuration  managed  by  FNMOC 
personnel.  EVIS  services  provide  a  reach-back  capability  for  environmental  mission 
impact  products,  including  those  produced  in  theater  using  applications  other  than  EVIS. 
This  enhanced  capability  highlights  the  flexible  Services  Oriented  Architecture  approach 
adopted  by  EVIS  and  HF. 

When  EVIS  management  first  learned  in  February  2005  that  HF  was  targeting 
operational  support  for  the  U.S.  Army  18th  Airborne  Corp  (ABC),  they  met  with  the  Air 
Force  18th  Operational  Weather  Squadron  (OWS)  assigned  to  provide  METOC  support  to 
the  18th  ABC.  They  learned  that  the  18th  OWS  already  had  a  process  in  place  for 
generating  METOC  effects  products  that  resulted  in  a  single  PowerPoint  slide  they  made 
accessible  on  their  local  web  site.  While  the  18th  OWS  was  interested  in  using  EVIS  in 
the  future  for  point-and-route  forecasting,  they  were  not  willing  to  replace  their  existing 
product.  But  their  product  was  only  accessible  if  one  knew  the  URL,  and  it  was  available 
only  to  the  18th  OWS;  the  page  was  tucked  away  on  the  MNF-I  website,  inaccessible  to 
the  untrained  user.  EVIS  managers  saw  an  opportunity  to  leverage  their  search 
infrastructure  to  retrieve  metadata  about  the  18th  OWS  product,  thus  making  it  available 
through  the  HF  Federated  Search  service.  Now,  the  MNF-I  official  METOC  effects 
analysis  can  be  easily  retrieved  from  a  simple  Federated  Search  portlet  and  can  be 
displayed  graphically  along  with  other  pertinent  search  results  including  sensor  video 
feeds,  intelligence  reports,  and  translated  documents.  Further,  the  18th  OWS  can  now 
access  other  useful  data  and  products  available  within  the  larger  community. 

EVIS  &  Federated  Search 

The  use  of  the  HF  Federated  Search  capability  to  make  METOC  mission  impact  products 
available  for  global  searching  is  a  critical  accomplishment  for  HF.  Normalized  queries 
are  routed  to  EVIS  from  IFIS  and  are  broken  down  into  components  and  compared 


14 


Proceedings  of  the  Battlespace  Atmospheric  and  Cloud  Impacts  on  Military  Operations  (BACIMO),  October  2005,  Monterey  CA 


against  metadata  describing  METOC  products  on  the  EVIS  server.  Matches  are  used  to 
select  product  URLs,  which  are  returned  to  the  Federated  Search  user  sorted  by 
relevance,  allowing  for  the  discovery  of  METOC  information  by  users  unfamiliar  with 
METOC  services  and  products.  This  ability  of  data  search  and  discovery  over  a  diverse 
network  of  users  and  data  providers  is  an  essential  component  of  the  HF  program. 

The  EVIS  federated  search  service  is  designed  not  only  to  search  through  the  products 
made  using  the  EMES  application,  but  also  search  through  other  available  non-EMES 
environmental  impact  products.  In  particular,  using  the  metadata  scheme  that  we 
developed  for  environmental  impact  products,  our  search  service  determines  whether 
specific  weather  impact  products  made  daily  for  Iraq  are  relevant  to  user  queries,  and 
return  the  URL  to  a  specific  operational  product  if  appropriate. 

All  of  the  HF  Federated  Search  data  providers  were  tested  for  data  quality  and 
compliance  to  the  query  syntax  specification  (ability  to  handle  Boolean  queries  and 
date/geospatial  constraints).  EVIS  achieved  the  highest  overall  score  for  data  quality  and 
passed  all  of  the  query  syntax  tests  (EVIS  was  the  only  initiative  that  has  passed  all  of 
these  syntax  tests  from  the  onset).  Data  quality  was  scored  by  a  team  that  included 
retired  military  personnel  who  rated  the  products  that  were  returned  by  the  data  providers. 
Given  relevant  queries  (e.g.,  Iraq  weather,  Baghdad  weather,  etc),  the  EVIS  server 
returned  links  to  the  daily  tactical  forecasts  published  by  the  18th  Weather  Squadron  for 
Iraq,  with  a  summary,  a  calculated  relevance  score,  and  date  information  about  when  the 
product  was  posted  and  is  valid. 

Data  quality  ratings  were  placed  on  the  following  attributes  (EVIS  scores  are  in 
parentheses). 

Relevance  of  results  to  query  (4  out  of  5) 

Timeliness  of  results  (5  out  of  5) 

Results  well-described  by  title  and  description  (5  out  of  5) 

Appropriateness  of  relevance  score  (5  out  of  5)  (a  relevance  score  of  0-100  has  to 
be  returned  for  each  hit) 

Value  of  results  to  the  intended  user  (5  out  of  5) 

The  EVIS  Federated  search  capability  can  be  called  by  any  application  that  implements 
the  Search  Web  Service  (SWS)  specification.  Currently,  there  are  two  applications  that 
implement  this  specification,  and  the  user  interfaces  are  very  different  so  as  to  allow 
different  searches,  graphical  maps  or  area  names.  The  following  section  shows  how 
each  application  can  be  used  to  discover  Iraq  theater  weather  products  that  are  made  daily 
by  personnel  assigned  to  the  Staff  Weather  Office  of  the  MultiNational  Corps-Iraq. 

Discovery  through  the  National  Geospatial  Agency ’s  HF  Portlet. 

This  method  uses  a  graphical  application  to  display  the  results  of  the  search.  Users  open 
the  NGA’s  HF  portlet,  select  the  EVIS  server  as  a  data  source,  and  enter  a  search  for 
weather  forecasts  (e.g.,  “weather  in  Iraq,”  as  illustrated  in  Figure  6,  left.)  As  illustrated  in 
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Figure  6  on  the  right,  the  search  will  return  overlays  for  products  that  are  available  in  the 
AOI,  indicating  the  notional  areas  (shaded)  covered  by  each  forecast  product. 


Figure  6.  NGA  FIF  portlet  (left  and  right)  showing  a  representative  set  of  results 
illustrated  by  overlays  (shaded  areas)  of  the  forecasted  areas  (i.e.,  North,  West,  East,  and 
South  Iraq).  The  popup  details  the  product  represented  by  the  lower- right  overlay,  South 
Iraq. 


By  selecting  within  one  of  the  overlays,  users  can  ask  for  the  product  detail  and  a  popup 
will  open  with  a  summary,  start  and  end  times  for  the  forecast,  and  a  URL  to  retrieve  the 
product.  By  selecting  the  URL,  the  product  will  be  delivered  to  users’  desktops. 


Through  the  Federated  Search  Portlet. 


To  utilize  the  other  method,  users  open  the  Federated  Search  Portlet  on  the  Horizontal 
Fusion  portal  and  enter  a  search  string  such  as  “Iraq  weather.” 


Figure  7.  Federated  Search  portlet  on  the  left,  and  an  illustrative  results  window  on  the 
right. 


The  search  application  will  generate  queries  to  all  data  providers,  including  EVIS,  and  a 
results  window  will  show  hits  from  the  data  provider  including  one  entitled,  “Theater 
Weather  Effects,”  which  refers  to  the  EVIS  server.  By  opening  the  “Theater  Weather 
Effects”  folder,  users  see  details  of  the  hits,  and  by  selecting  one  of  the  links,  the  product 
will  be  delivered  to  users’  desktops.  The  results  detail  includes  title,  summary,  relevance 
score,  product  MIME  type,  and  data  about  the  date  of  the  product. 
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The  EVIS  server  can  support  a  wide  variety  of  natural  language  query  forms  including  all 
of  the  following  whether  entire  sentences  or  just  phrases.  The  last  example  is  illustrative 
of  the  complex  Boolean  queries  that  can  be  supported.  In  this  case,  the  user  is  searching 
for  high  cloud  cover  and  high  wind  speed  conditions  that  are  not  restrictive. 

•  Is  there  a  severe  impact  of  high  temperature  on  operations? 

•  Is  there  a  severe  effect  of  high  temperature  on  personnel? 

•  What  is  the  impact  of  high  temperature  on  personnel? 

•  Does  high  temperature  impact  personnel  on  18  Apr  2005? 

•  What  is  the  effect  of  cloud  cover  at  2300N120E 

•  Cloud  cover  at  2300N12000E 

•  Severe  temperature  impact  on  1 8  Apr  2005 

•  Marginal  temperature  effect  on  02/22/2005 

•  Severe  impact  to  visibility  after  Apr  18  2005 

•  Severe  temperature  effect  between  April  17  2005  and  Apr  19  2005 

•  Cloud  cover  at  2300N12000E? 

•  (NOT  severe)  AND  high  ("cloud  cover"  AND  “wind  speed”) 

SUMMARY 

By  its  participation  in  the  Horizontal  Fusion  (HF)  program,  the  EVIS  team  was  able  to 
extend  their  mission  effects  capability,  which  was  originally  intended  for  naval  weather 
forecasters,  into  a  tool  that  is  now  available  to  the  joint  services  and  other  non-DoD 
related  security  services.  The  cutting  edge  SOA  infrastructure  developed  by  the  HF 
program  allowed  the  EVIS  team  the  opportunity  to  move  critical  METOC  information 
into  a  secure  and  discoverable  web  service  environment.  The  HF  program  has  helped 
chart  a  path  that  could  provide  the  way  forward  to  further  expansion  of  information 
sharing  across  multiple  domains. 
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